What your firewalls should be doing for a living
If your firewalls are good and configured ideally, your computer should appear to be non-existent to hackers trying to get into it over the Internet. And to repeat from another of my posts, the correct term for an uninvited Internet guest is “cracker”, not “hacker”.
That is, whatever firewall you happen to have facing the Internet. Typically, this will be the “hardware firewall” inside your Internet connection device (cable or DSL modem, etc.) It’s unlikely to be one of the two “software firewalls” – either the one built into Windows or the one in your security software/anti-virus program.
When someone “uninvited” attempts to connect to your PC, it should not respond. It should behave exactly as if unplugged. When that is true, the software robots sent out over the Internet by “script kiddies” (the not-very-technically-savvy, but most numerous type of crackers) will not discover your PC and will not add you to their list of likely targets – which crackers share among themselves.
Test your firewalls!
Steve Gibson has been a personal hero of mine for decades. As a programmer, he developed the sensational “SpinRite” program for repairing ailing hard drives (those with only software problems). Steve is also a security expert and crusading activist who helped goad the major software companies into getting serious about security and stopping many of their stupid practices which helped crackers.
On his Gibson Research Corporation web site, he offers several free security tools. I especially like his “ShieldsUp” online firewall tester. It shows you exactly which ports on your computer are open to crackers, not open but still visible, or invisible. Hopefully your test will show “all green”, indicating that all the critical ports on your machine are “stealthed” – invisible to crackers.
How to test
To test your firewall:
First note that you should not test while reading this. First close any browser instances you have running. Then run your browser again and go to the Gibson Research Corporation site. You may want to print this out first, or copy the link into Windows Notepad [Ctrl+C] to copy, then [Ctrl+V] to paste.
-
Use the above link, but it’s probably best to do so while not reading my blog!
-
Click on the big “ShieldsUp” logo.
-
Then scroll down to the “ShieldsUp” link.
-
After you finish reading the material there, click the “Proceed” button.
-
Click the “All Service Ports” button in the top long horizontal bar of buttons in the blue box.
The test will take maybe a minute, then you’ll see a matrix of little squares, each representing one of your computer’s ports. There will be an explanation of your results and what you should do if each square is not green. Note that you can click on each square to get an explanation of just what that port is and does – it’s a very educational tool.
What if I get blue or red squares?
Blue squares represent your computer’s ports which are responding to requests from the Internet to allow something in. But they are locked and not allowing entry. That’s fine as far as it goes, but it means your computer is not invisible to potential crackers, so it’s not ideal.
Red squares are wide open ports – a serious problem for sure. If you check out the explanation at the bottom of your test, you’ll quickly see that plugging holes in your firewall is a job for an expert. You’ll have to decide if hiring someone to fix “blue” ports is worth the cost. That is, even if crackers are aware of your computer, they still can’t get in without a lot of work – if even then. They’ll want to go find an easier target, of which there are a great many. But if you find “red” ports, you have no choice but to close those – even if it costs you money. Of course, if your computer has anything of great value, like databases of financial info or such, you seriously want to have it be totally invisible.
Now enjoy the emotional glow of knowing your PC is “stealthy” – but like Steve says, don’t get complacent about other security issues. And for even more peace of mind – backup your whole PC (not just your work) often. And if your stuff is really important, keep a copy off-site.
Feel free to comment below…
Here’s to peaceful computing…
_jim coe
